Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit aff5e54c authored May 09, 2014 by Ricardo Cerqueira Committed by Brint E. Kriebel Jul 10, 2014

ota: Validate any installed data's signature against our own

Try to prevent incompatible-signature system quirkiness

Change-Id: I73402d963a1b57ad0ee3c68ced4f2d7f074f927f

parent 1df415bb

config/common.mk

+4 −0

Original line number	Diff line number	Diff line
		@@ -87,6 +87,10 @@ PRODUCT_COPY_FILES += \
		vendor/cm/prebuilt/common/bin/blacklist:system/addon.d/blacklist
		endif

		# Signature compatibility validation
		PRODUCT_COPY_FILES += \
		vendor/cm/prebuilt/common/bin/otasigcheck.sh:system/bin/otasigcheck.sh

		# init.d support
		PRODUCT_COPY_FILES += \
		vendor/cm/prebuilt/common/etc/init.d/00banner:system/etc/init.d/00banner \

prebuilt/common/bin/otasigcheck.sh

0 → 100644

+18 −0

Original line number	Diff line number	Diff line
		#!/sbin/sh

		# Validate that the incoming OTA is compatible with an already-installed
		# system

		if [ -f /data/system/packages.xml -a -f /tmp/releasekey ]; then
		relCert=$(grep -A3 'package name="com.android.providers.calendar"' /data/system/packages.xml \| grep "cert index" \| head -n 1 \| sed -e 's\|."\([[:digit:]]\)".\|\1\|g')

		grep "cert index=\"$relCert\"" /data/system/packages.xml \| grep -q `cat /tmp/releasekey`
		if [ $? -ne 0 ]; then
		echo "You have an installed system that isn't signed with this build's key, aborting..."
		# Edify doesn't abort on non-zero executions, so let's trash the key and use sha1sum instead
		echo "INVALID" > /tmp/releasekey
		exit 1
		fi
		fi

		exit 0